The privacy gap between Yahoo! and Google is greater than you think. It's not just that Yahoo! will anonymize user search data 6 months before Google anonymizes user search data. It's that Yahoo! anonymization is less nonsensical than Google anonymization.
Today, as we dutifully reported, Yahoo! said it would anonymize user …

COMMENTS

google are scum

Well, something like that... maybe... they're just too fucking big these days and are seemingly on a MS mission from god to take over the world... I don't even use search anymore; I just randomly put addresses in to see if they have the answer for me.

Cookies

"Google may erase certain IP bits on your nine-month-old search queries, but those bits will remain intact on newer queries - and both sets of queries will carry the same cookie info."

I'm stunned by how many people allow cookies to fester indefinitely. Firefox can clear them every time it closes, and I've been doing that for years regardless. Why would anyone NOT be doing this as a matter of routine? I can only imagine it's a) most likely ignorance of the situation or b) less likely there are some session to session settings which are really required.

Yahoo!'s ultimate privacy policy

Freedom of choice

Everyone who complains about Google's policy is a complete freetard for the following reason (IMHO):

Google is providing a service free of charge

There is no requirement to use said service

They are a business - they will try to make money in any way possible which includes targeted advertising, use of user's data etc etc

Ok, so Google build up an abstract based on my IP which details my surfing habits. So? I haven't told them my name, address, telephone no., bank details and so forth. All they have is a profile which is built on data I chose to share (by using their service) and my IP which, if it wasn't proxied, would only reveal my locality. As far as I know my customer info held by my provider is still subject to data protection laws so it's not as if Google is going to start raiding my bank account or sending me mailshots.

You don't drive a car around without learning how it works, same principle for using the tubes, learn about security penis

We have a comedian in the house

@Freedom of choice

"Ok, so Google build up an abstract based on my IP which details my surfing habits. So? I haven't told them my name, address, telephone no., bank details and so forth."

Unless you've used any of the other Google tentacles. Gmail will have some of those details; if you've used Google Checkout, well, they'll have the whole set. If you exist in the modern world, you'll have used at least one of their services (even if only search).

When a company has a near-monopoly, there needs to be additional regulatory supervision to ensure it doesn't abuse that monopoly. Would you be happy if the government logged 70% of all search queries, or would you be up in arms and pointing at the Constitution / Human Rights Act?

@Chris: your cookies get deleted every session? Fine, but your IP address stays pretty much the same if you're on a broadband connection, and your Google credentials remain the same. If you sign in to your gmail account just once per IP change, then they have your entire history, cookies or not. If you want to be secure, search through Tor. Otherwise, legislate against this kind of bull****.

@Vincent Ballard

You beat me to much the same comment I was going to make. This is meaningless on so many levels. I can "hash" the text "string" to "stringstring" (it's still a one-way function) and then delete half the bits resulting in zero information loss. Also I note the word "secret" used to describe this so-called "hash function". If we are to trust the hash function, there is nothing to lose by making it public, and everything to lose (trust-wise) in keeping it secret.

Finally, what exactly is the point of putting things into a one-way hash function in the first place? If the data is meant to be unrecoverable, then it should simply be deleted. Otherwise, there's nothing stopping Yahoo! from searching for a specific text by passing that through the hash function before comparing it with the stored value. Which just happens to be the way that the Unix password function has been implemented for, oh, 25+ years.

While it's good to hear that Yahoo is, at least on the surface, attempting to Do The Right Thing, I have serious doubts on the first three bullet points listed in the article.

Firefox's anti-phishing and Google

I use Firefox - I understand it has anti-phishing protection provided by Google. I also occasionally surf whilst logged in to Google.

Simple question - are Google linking my account ID with what sites I'm surfing? I understand it's technically possible - but do they actually do this, or is the relevant privacy policy robust enough to ensure these two things stay entirely separate?

Yahoo! can do this

Because they make money selling things besides personal information. If Google responds by taking real privacy measures, I think we can count on Yahoo! to go even further (again, they make money elsewhere).

Possibly useless

Most cookies have [alpha]numeric values. Changing that to a different number doesn't really make a difference. All occurrences of the cookie still have the same value, and so are associated with each other. If the original cookie is stored anywhere, it can be hashed to look up the data again. The hash will only really anonymize data if it generates a large number of collisions, but we know how likely that is, don't we? Most hash functions (as in hash tables) are designed to avoid collisions as much as possible. Similarly, unless there are collisions in the first half of the hashed ID, removing the second half won't do anything. The only way to be sure this "anonymization" is effective is to make the hashing algorithms public.

Dropping the last octet of the IP address is somewhat better. But if records include search query, cookie, and IP, it doesn't matter since the cookie is still traceable. As for the fourth point, who the hell searches for a credit card number or SSN!? And "non-popular names" is a very loose term.

If they do this the right way, they should get credit for at least making it hard to associate data with a particular user without deliberate effort. Or they could be making a big show of caring about users' privacy without making their data any less useful.

cookies ?

freedom of choice

Yes, you get to choose to use their service or not ... but you need to make informed decisions.

Articles like this make people aware of issues and perhaps pressure the companies to make change.

Of course that only works if people see this as a real problem.

Personally I do. I just don't like companies collecting vast amounts of information on me. But it's not a big deal. So I will try Yahoo search and if it works about the same use it instead of Google. If it doesn't meet my needs as well I'll probably switch back and just accept they are keeping too much information on me.

cookie jar

"Of course, most users don't even know what a cookie is."

If my mum knows what it is, everybody does. So I asked her and she said that she knew what it was and that I couldn't have one. Then she asked who had been in the cookie jar. I said I saw my brother near it earlier today.

Can I have my coat, please. My mum wants me to play outside for a while.

@Iain

@Freedom of choice

"Google is providing a service free of charge

There is no requirement to use said service"

Unless you go to one of the millions of sites running the google urchin system, which in nearly every case is used by an imbecile who has no idea what sort of security risks they're presenting their users and themselves by such action, but they do to see some pretty graphics (sorry, useful statistics) for free.

Ahem !!!

what a hash

"Run the user's Yahoo! ID through a one-way secret hash and delete the last 50 per cent of the hashed identifier"

On the grounds that this is then not reversible? Hm. Let's think. How long would it take to hash up a billion recorded Yahoo! IDs and compare them with the magic anonymized ones? No, not very long, really. And if it's a cryptographic hash, then the likelihood of a collision even in 50% of the bits is pretty slim. So the de-anonymization sounds pretty trivial to me.

I hope the Reg has missed something: otherwise, this approach is no better than the Google one they so enthusiastically slate.
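[Added example, not part of the thread and not Yahoo!'s actual scheme.] The point made in the "Possibly useless" and "what a hash" comments can be checked by measuring the anonymity set behind each truncated token: how many distinct IDs share it. HMAC-SHA256 is an assumed stand-in for the unpublished "secret hash"; the key and the user IDs are constructed sample data.

```python
import hashlib
import hmac
from collections import Counter

# Constructed sample data: the key and the user IDs are made up for this example.
SECRET_KEY = b"constructed-demo-key"
USER_IDS = [f"user{n:05d}" for n in range(20000)]


def pseudonymize(user_id, keep_bits=128):
    """Keyed one-way hash (HMAC-SHA256, an assumption), keeping only the
    first keep_bits bits. keep_bits=128 is 'delete the last 50 per cent'."""
    digest = hmac.new(SECRET_KEY, user_id.encode(), hashlib.sha256).digest()
    value = int.from_bytes(digest, "big") >> (256 - keep_bits)
    return f"{value:0{(keep_bits + 3) // 4}x}"


def anonymity_sets(user_ids, keep_bits):
    """Map each token to the number of distinct IDs that produce it."""
    return Counter(pseudonymize(u, keep_bits) for u in user_ids)


def smallest_set(user_ids, keep_bits):
    """Worst case for a user: the fewest IDs hiding behind any one token."""
    return min(anonymity_sets(user_ids, keep_bits).values())


def rebuild_mapping(user_ids, keep_bits):
    """What a holder of the key and an ID list can recompute: token -> IDs."""
    table = {}
    for u in user_ids:
        table.setdefault(pseudonymize(u, keep_bits), []).append(u)
    return table


if __name__ == "__main__":
    for bits in (128, 8):
        sets = anonymity_sets(USER_IDS, bits)
        print(f"{bits:3d} bits kept: {len(sets)} tokens, "
              f"smallest anonymity set = {min(sets.values())}")
```

With half of a 256-bit digest kept, every token still maps to exactly one ID, so the records stay linked and the key holder can rebuild the mapping. Only a truncation short enough to force collisions (8 bits here) puts several users behind each token.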

Freedom of choice by another name

I'd like to make a donation to scroogle ...

Be sure to wash your hands after surfing

Think about how many times a day you click to watch a YouTube video, no matter which site it's on. It might be Obama's weekly chat at change.gov, or even Consumer Watchdog's YouTube video on Chrome's privacy problems. Before you even click to watch the video, you collected several YouTube cookies. And after you click to watch, about ten seconds into the video, Google reads your universal google.com cookie. This is the one with the globally-unique ID. It used to expire in 2038, but now it pretends to expire in two years. However, every time you visit any Google site, it gets pushed two years ahead, which means it expires when your hard disk is replaced.

If you don't already have a Google cookie, you get a new one with a new ID. If you have one already, it reads the old cookie. Put your PC on a packet scanner and click on a YouTube video. The GET request to google.com, which apparently is done from the embedded Flash code from YouTube, includes the site you are on, as well as the video you are watching.

This information is available to the U.S. government without a court order. It's called a "National Security Letter" and when Google gets one, it comes with a gag order. How many other governments around the world have similar laws?

Delete your Google cookies and your YouTube cookies when you exit your browser. It's common-sense hygiene - the equivalent of washing your hands after you visit a dirty bathroom at a gas station.

re: Firefox's anti-phishing and Google

"are Google linking my account ID with what sites I'm surfing?"

You bet they are. Google's (stated) mission is to know everything about everything and their slightly-less stated rationale is to allow them to sell eyeballs to as many advertisers as is humanly possible for as high a price as they can get. As has been pointed out in these parts previously, when all's said and done, they're the world's biggest small-ads platform. Everything else is just gravy, allowing them to sell more, better-targeted ads.

"I understand it's technically possible - but do they actually do this, or is the relevant privacy policy robust enough to ensure these two things stay entirely separate?"

Ha! Hahah! ROTFLMAO...

Lemme see: respect the users' privacy or -- ooh, a Big Sack O' Cash. Which way would *you* think they'd go? (not to mention that Google, as a publicly traded company, has a fiduciary responsibility to place the interests of the shareholders before those of the users).